Fake White House holiday e-mail is cyber attack
It looked like an innocent e-mail Christmas card from the White House.
Washington: It looked like an innocent
e-mail Christmas card from the White House.
But the holiday greeting that surfaced just before
Christmas was a ruse by cybercriminals to steal documents and
other data from law enforcement, military and government
workers, particularly those involved in computer crime
Analysts who have studied the malicious software said
on Wednesday that hackers were able to use the e-mail to
collect sensitive law enforcement data. But so far there has
been no evidence that any classified information was
The targeted e-mail attack comes as the federal
government is desperately trying to beef up its cyber security
after the release of thousands of State Department cables and
military documents by the WikiLeaks website. Federal
authorities want to improve technology systems and crack down
on employees to prevent the theft or loss of classified and
The red holiday e-mail card, with its brightly
decorated Christmas tree, prompted recipients to click on a
link, which would then download the ZueS malware, a well-known
malicious code that is often used to steal passwords and other
online credentials, primarily to poach Internet banking
information. The malware was created several years ago and is
widely available for criminals to acquire and adapt. It has
been used to steal millions of dollars.
In this case, however, the code downloaded a second
payload that is designed to steal documents from the
recipient`s computer, accessing Microsoft Word and Excel
Don Jackson, director of threat intelligence for
Atlanta-based SecureWorks, a computer security consulting
company, said the attack was somewhat small and targeted to a
limited number of groups with law enforcement, military and
It was small enough, he said, to suggest that it was
sent out manually and not by a large network of infected
computers. He said it was not large enough to be picked up by
cybersecurity spam traps or sensors.
Analysts learned of the e-mail attack last week and
have spoken with federal authorities about it.
While ZueS-related attacks are fairly common, this
latest one stood out because of the use of the White House
connection to lure recipients in and the targeted way it went
after law enforcement, analysts said.